On Sat, Mar 24, 2018 at 12:17:30PM +1300, David Rowley wrote:
> If it is, then it's not a bug in pg_stat_statements. log_statement =
> 'ddl' would have kept a record of the same thing.
>
> Perhaps the best fix would be a documentation improvement to mention
> the fact and that it's best not to use
On 24 March 2018 at 10:30, legrand legrand wrote:
> It seems that passwords used in commands are not removed when caught by
> pg_stat_statements
> (they are not "normalized" being utility statements)
>
> exemple:
> alter role tt with password '123';
>
> select query from public.pg_stat_statements
Hello,
It seems that passwords used in commands are not removed when caught by
pg_stat_statements
(they are not "normalized" being utility statements)
exemple:
alter role tt with password '123';
select query from public.pg_stat_statements
where query like '%password%';
query
--
